[Bug 257993] Re: [CVE-2008-3699] Insecure creation of magnatune temp files
feranick
feranick at hotmail.com
Wed Feb 4 21:50:02 UTC 2009
AmaroK in the dell-mini custom repos is still in version
2:1.4.9.1-0ubuntu3 which is affected by a security vulnerability. A
patch is already available in mainstream hardy-updates. Thus, this
packaged should be ported in the dell-mini repos.
Changelog:
amarok (2:1.4.9.1-0ubuntu3.1) hardy-security; urgency=low
* SECURITY UPDATE: Insecure creation of magnatune temp files
* Added kubuntu_99_security_mangatune_file_creator.diff patching
amarok/src/magnatunebrowser/magnatunebrowser.cpp and
amarok/src/magnatunebrowser/magnatunebrowser.h. Creates temp files
correctly. From upstream.
* References
http://secunia.com/advisories/31418/
http://www.securityfocus.com/bid/30662
http://websvn.kde.org/?view=rev&revision=846626
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494765
CVE-2008-3699
** Also affects: dell-mini
Importance: Undecided
Status: New
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-3699
--
[CVE-2008-3699] Insecure creation of magnatune temp files
https://bugs.launchpad.net/bugs/257993
You received this bug notification because you are a member of Kubuntu
Bugs, which is subscribed to amarok in ubuntu.
More information about the kubuntu-bugs
mailing list